lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <01cc01c7f72c$afc6c6d0$0f545470$@com>
Date: Sat, 15 Sep 2007 03:09:28 +0300
From: "avivra" <avivra@...il.com>
To: <tmanning@...intsys.com>, <bugtraq@...urityfocus.com>,
	<full-disclosure@...ts.grok.org.uk>
Subject: Re: Next generation malware: Windows Vista's
	gadget API

Great overview, Todd!
I've just wanted to mention that MS downplayed the vulnerabilities I've
found in Vista's Sidebar gadgets.
In my blog post
(http://aviv.raffon.net/2007/08/16/VistaGadgetsGoneWild.aspx), I've
demonstrated a scenario where a worm can be propagated by exploiting the
vulnerability in the RSS feeds gadget.
I don't understand why Microsoft rated this vulnerability as important,
instead of critical.

--Aviv.

-----Original Message-----
From: Todd Manning [mailto:sflist@...italoffense.net] 
Sent: Thursday, September 13, 2007 8:47 PM
To: bugtraq@...urityfocus.com
Subject: Re: Next generation malware: Windows Vista's gadget API

On Sep 13, 2007, at 04:16 AM, Tim Brown wrote:

> A paper has just been released on the Windows Vista's gadget API.  The
> abstract is as follows:
>
> Windows has had the ability to embed HTML into it's user interface  
> for many
> years. Right back to and including Windows NT 4.0, it has been  
> possible to
> embed HTML into the task bar, but the OS has always maintained a  
> sandbox,
> from which the HTML has been unable to escape. All this changes  
> with Windows
> Vista. This paper seeks to inform system administrators, users and the
> wider community on both potential attack vectors using gadgets and the
> mitigations provided by Windows Vista.
>
> The full paper can be found at http://www.portcullis-security.com/ 
> 165.php.
>


Good paper; Since this is out there I figure I'll forward the much  
shorter article I wrote that details an attack against the contact  
gadget, which was patched last month.

https://strikecenter.bpointsys.com/articles/2007/08/26/vista-gadget- 
patches-in-ms07-048

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ